CWE:
 

Title
Date
Author
Med.
Apple iOS 17.2.1 Screen Time Passcode Retrieval / Mitigation Bypass
24.09.2024
SivertPL


Common Weakness Enumeration (CWE)

CVE
Details
Description
2024-10-04
Waiting for details
CVE-2024-47654

 

 
This vulnerability exists in Shilpi Client Dashboard due to a lack of rate limiting and Captcha protection for OTP requests in certain API endpoints. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP requests through vulnerable API endpoints, which could lead to OTP bombing on the targeted system.

 
2024-09-26
Waiting for details
CVE-2024-9199

 

 
Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large number of emails to the victim in a short time, affecting availability and leading to a denial of service (DoS).

 
2024-06-20
Waiting for details
CVE-2024-32943

 

 
An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly.

 
Waiting for details
CVE-2024-35246

 

 
An attacker may be able to cause a denial-of-service condition by sending many packets repeatedly.

 
2024-06-04
Waiting for details
CVE-2023-51544

 

 
Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse. This issue affects RegistrationMagic: from n/a through 5.2.5.0.

 
Waiting for details
CVE-2023-40673

 

 
Improper Control of Interaction Frequency vulnerability in cartpauj Cartpauj Register Captcha allows Functionality Misuse. This issue affects Cartpauj Register Captcha: from n/a through 1.0.02.

 
2024-05-17
Waiting for details
CVE-2024-24873

 

 
Improper Control of Interaction Frequency vulnerability in CodePeople CP Polls allows Flooding. This issue affects CP Polls: from n/a through 1.0.71.

 
2023-07-12
Waiting for details
CVE-2023-38068

 

 
In JetBrains YouTrack before 2023.1.16597, captcha was not properly validated for Helpdesk forms.

 
2021-11-12
Medium
CVE-2021-37910

 

 
ASUS routers' Wi-Fi Protected Access protocol (WPA2 and WPA3-SAE) has an Improper Control of Interaction Frequency vulnerability; an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames.

 
2021-10-25
Medium
CVE-2021-41177

Vendor: Nextcloud
Software: Nextcloud server
 

 
Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, Nextcloud Server did not implement a database backend for rate-limiting purposes. Any component of Nextcloud using rate-limits (such as `AnonRateThrottle` or `UserRateThrottle`) was thus not rate limited on instances not having a memory cache backend configured. In the case of a default installation, this would notably include the rate-limits on the two factor codes. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5, or 22.2.0. As a workaround, enable a memory cache backend in `config.php`.

 

 


Copyright 2024, cxsecurity.com

 
